Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/21B7F8F2932111EEA205F93BC4F9AE02.roa
File: 21B7F8F2932111EEA205F93BC4F9AE02.roa (raw, json)
Hash identifier: 62eTjhzKKDQnWJh0GyzAO6zcuQ50THYJAAnB/eSa0lE=
Subject key identifier: 47:38:B8:D2:C1:13:F4:11:6A:E0:55:23:A1:79:FC:15:63:E1:EB:A6
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: 02CF
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/21B7F8F2932111EEA205F93BC4F9AE02.roa
Signing time: Tue 04 Jun 2024 23:03:18 +0000
ROA not before: Tue 04 Jun 2024 23:03:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 43.243.193.0/24 maxlen: 24
45.113.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 719 (0x2cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2
Validity
Not Before: Jun 4 23:03:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=665f9d35-540a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:44:34:97:68:26:a3:82:56:e9:dd:94:2c:8c:
2f:28:3e:72:02:06:f0:a2:9b:38:74:02:0b:3d:59:
38:f1:07:16:97:7e:46:c2:9e:89:97:57:ab:54:57:
cd:80:13:e6:b0:91:d4:db:df:1a:20:7b:a1:c9:14:
ae:21:ec:cb:fe:39:6e:48:a2:6a:b1:47:ed:36:26:
02:28:b7:ed:3d:74:3e:0e:6e:24:c5:c3:27:72:4d:
9b:80:78:41:80:e3:73:38:8f:a0:dc:4b:51:8d:8a:
c7:27:89:97:b6:d7:87:06:39:52:96:fa:27:01:8c:
cb:f4:f6:13:95:e4:40:30:43:d5:a3:54:bb:e4:3e:
49:bd:12:e0:4d:70:ab:9a:eb:60:90:c6:ae:28:d7:
2a:00:5d:3b:eb:3d:cb:d2:a0:30:be:e5:b0:38:21:
72:3c:9c:be:bf:19:b1:92:98:19:e4:f1:89:af:ac:
76:28:15:8a:8f:22:ec:fd:a0:e1:ca:ff:81:89:f4:
5d:38:31:9e:20:99:cb:55:31:e5:ef:fe:bc:3b:73:
20:3e:7c:a0:4d:a5:cb:ac:ad:95:34:98:4b:1d:33:
05:7e:80:88:dd:45:9e:9e:59:2d:61:47:2b:ed:a2:
53:5f:8b:7f:ec:fe:2c:6b:0d:82:ac:95:e7:6a:f3:
d8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:38:B8:D2:C1:13:F4:11:6A:E0:55:23:A1:79:FC:15:63:E1:EB:A6
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/21B7F8F2932111EEA205F93BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.193.0/24
45.113.83.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b2:58:1a:28:88:75:3b:7b:98:d9:43:44:fd:61:00:1a:c0:
2c:b2:b0:1c:99:5b:f9:7f:6b:52:bc:d8:5d:1a:24:c4:05:b0:
fd:1f:f7:31:c6:17:2a:8a:c4:ea:2c:1a:5d:d6:30:70:4f:b8:
40:ba:f8:8f:da:c4:04:2b:b1:c9:c0:7b:18:7e:e0:ed:4c:ef:
7f:8d:01:1a:77:ec:d9:cf:65:c4:e3:34:aa:d3:1f:88:05:f1:
db:e6:fa:0a:86:d2:55:07:c2:93:f4:99:98:84:67:be:19:9a:
bf:da:4f:17:08:23:fd:6c:d7:bc:db:c1:47:81:ea:c5:f1:49:
39:c3:ea:4f:52:fb:34:2f:19:20:19:d4:29:8f:89:60:76:e0:
00:d4:49:5d:f5:a5:5b:e6:30:37:ca:de:5b:57:4f:2b:0d:b8:
67:76:8c:68:00:6d:86:73:5f:23:40:6d:8f:e3:fe:3f:ae:63:
9d:8f:f6:3f:43:a7:90:62:8b:28:05:2b:e6:f9:6b:e1:73:69:
98:9e:a9:b2:80:37:95:49:7b:eb:e9:8f:d6:d1:24:5b:0b:9f:
27:74:9d:ac:c7:e7:f3:52:f0:7d:06:8a:f1:92:e7:42:fd:96:
cb:ed:9c:22:6b:dd:01:42:f7:a3:9f:00:5e:4b:ce:b5:70:82:
6c:b9:38:b4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAs8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhBRjIxMTAvBgNVBAUTKDEwMDVDQ0Q1RTE4MjMwRkJBOUFERDNEMjdGODVEQTM4
RjEzRTQxNzIwHhcNMjQwNjA0MjMwMzE4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVmOWQzNS01NDBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAokQ0l2gmo4JW6d2ULIwvKD5yAgbwops4dAILPVk48QcWl35Gwp6Jl1erVFfN
gBPmsJHU298aIHuhyRSuIezL/jluSKJqsUftNiYCKLftPXQ+Dm4kxcMnck2bgHhB
gONzOI+g3EtRjYrHJ4mXtteHBjlSlvonAYzL9PYTleRAMEPVo1S75D5JvRLgTXCr
mutgkMauKNcqAF076z3L0qAwvuWwOCFyPJy+vxmxkpgZ5PGJr6x2KBWKjyLs/aDh
yv+BifRdODGeIJnLVTHl7/68O3MgPnygTaXLrK2VNJhLHTMFfoCI3UWenlktYUcr
7aJTX4t/7P4saw2CrJXnavPYlQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEc4uNLB
E/QRauBVI6F5/BVj4eumMB8GA1UdIwQYMBaAFBAFzNXhgjD7qa3T0n+F2jjxPkFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEFGMi83M0M4ODc5MkUw
NjcxMUVDQjlEMkZGODFDNEY5QUUwMi9FQVhNMWVHQ01QdXByZFBTZjRYYU9QRS1R
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhBRjIvNzNDODg3OTJFMDY3MTFFQ0I5RDJGRjgxQzRGOUFFMDIvMjFCN0Y4RjI5
MzIxMTFFRUEyMDVGOTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr88EDBAAtcVMwDQYJKoZIhvcNAQELBQADggEBAHSyWBoo
iHU7e5jZQ0T9YQAawCyysByZW/l/a1K82F0aJMQFsP0f9zHGFyqKxOosGl3WMHBP
uEC6+I/axAQrscnAexh+4O1M73+NARp37NnPZcTjNKrTH4gF8dvm+gqG0lUHwpP0
mZiEZ74Zmr/aTxcII/1s17zbwUeB6sXxSTnD6k9S+zQvGSAZ1CmPiWB24ADUSV31
pVvmMDfK3ltXTysNuGd2jGgAbYZzXyNAbY/j/j+uY52P9j9Dp5BiiygFK+b5a+Fz
aZieqbKAN5VJe+vpj9bRJFsLnyd0nazH5/NS8H0GivGS50L9lsvtnCJr3QFC96Of
AF5LzrVwgmy5OLQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:22:03 2025 by rpki-client